#4916
"Before rushing to install the patch, however, users and admins should note one important issue: the fix may not yet be compatible with your antivirus software.
Microsoft noted that, unless a registry key is updated by the antivirus package, installing the security patch can result in a blue screen of death (BSoD). For that reason, Microsoft said it has set the update to only apply when the registry key has been changed. In other words, antivirus tools must set the key when they are confirmed to be compatible with the operating system update. The patch introduces a significant change to the design of Windows' internal memory management, and this is probably tripping up anti-malware tools, which dig into and rely on low levels of the system.
Some AV vendors have already issued updates to change the key, and allow the fix to be applied without causing any cockups, while others have an update in the works to be released this week or early next week. The malware hunters expected the Windows patches to be released next week, and were caught out when Microsoft brought its patches forward after Meltdown exploit code emerged on the web.
Vendors reported to have updates are Symantec, F-Secure, Avast, and Microsoft's own Windows Defender platform. Check that link for a table of supported and not supported products – obviously, if there is no support, don't flip the key.
Users and admins who are comfortable editing Registry keys themselves can manually perform the task by setting the following:
Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"
Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"
Type="REG_DWORD”
Data="0x00000000”"
#4916